Skip to content

Edit pipeline for Nightly Releases #259

Edit pipeline for Nightly Releases

Edit pipeline for Nightly Releases #259

name: "Code Analysis"
on:
push: # The master branch must be analyzed on a new commit
branches: [ master ]
pull_request:
# Any PR on master must be analyzed
branches: [ master ]
workflow_dispatch: # CodeQL can be triggered manually
jobs:
analyzeQL:
name: Analyze with CodeQL
# runs-on: [windows-latest] # may cause Out of Memory errors
runs-on: [self-hosted]
permissions:
# required for all workflows
security-events: write
# required to fetch internal or private CodeQL packs
packages: read
strategy:
fail-fast: false
matrix:
language: [ 'csharp' ]
steps:
- name: Checkout repository
uses: actions/checkout@v4
- name: Initialize CodeQL
uses: github/codeql-action/init@v3
with:
languages: ${{ matrix.language }}
- name: Setup .NET Core SDK
uses: actions/[email protected]
with:
dotnet-version: ${{vars.DOTNET_VERSION}}
- run: dotnet restore
- run: dotnet build ./FASTER.sln --configuration Debug
- name: Perform CodeQL Analysis
uses: github/codeql-action/analyze@v3
AnalysisSonar:
name: Analyze with SonarCloud
runs-on: windows-latest
permissions:
pull-requests: write # allows SonarCloud to decorate PRs with analysis results
# steps: # DOES NOT SCAN FOR SOME REASON ?
# - name: Analyze with SonarCloud
# # You can pin the exact commit or the version.
# uses: SonarSource/sonarcloud-github-action@v3
# env:
# SONAR_TOKEN: ${{ secrets.SONAR_TOKEN }}
# with:
# # Additional arguments for the SonarScanner CLI
# args:
# -Dsonar.projectKey=Foxlider_FASTER
# -Dsonar.organization=foxlicorp
# projectBaseDir: .
steps:
- name: Set up JDK 17
uses: actions/setup-java@v4
with:
java-version: 17
distribution: 'zulu' # Alternative distribution options are available.
- uses: actions/checkout@v4
with:
fetch-depth: 0 # Shallow clones should be disabled for a better relevancy of analysis
- name: Cache SonarCloud packages
uses: actions/cache@v4
with:
path: ~\sonar\cache
key: ${{ runner.os }}-sonar
restore-keys: ${{ runner.os }}-sonar
- name: Cache SonarCloud scanner
id: cache-sonar-scanner
uses: actions/cache@v4
with:
path: .\.sonar\scanner
key: ${{ runner.os }}-sonar-scanner
restore-keys: ${{ runner.os }}-sonar-scanner
- name: Install SonarCloud scanner
if: steps.cache-sonar-scanner.outputs.cache-hit != 'true'
shell: pwsh
run: |
New-Item -Path .\.sonar\scanner -ItemType Directory
dotnet tool update dotnet-sonarscanner --tool-path .\.sonar\scanner
- name: Build and analyze
env:
GITHUB_TOKEN: ${{ secrets.PR_DECORATION }} # Needed to get PR information, if any
SONAR_TOKEN: ${{ secrets.SONAR_TOKEN }}
shell: pwsh
run: |
.\.sonar\scanner\dotnet-sonarscanner begin /k:"Foxlider_FASTER" /o:"foxlicorp" /d:sonar.token="${{ secrets.SONAR_TOKEN }}" /d:sonar.host.url="https://sonarcloud.io"
dotnet build
.\.sonar\scanner\dotnet-sonarscanner end /d:sonar.token="${{ secrets.SONAR_TOKEN }}"